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DETAILED ACTION 
Response to Arguments 

1 . Applicant's arguments witli respect to claims 1-20 have been considered but are 
moot in view of the new ground(s) of rejection. 

Claim Objections 

2. Claim 10 is objected to because of the following informalities: 

With regard to claim 10, Examiner suggests replacing "a home agent located on 
the virtual private network" in line 4 with "the home agent" in consistent with the claim 
language in claims 8 and 9. 

Appropriate correction is required. 

Claim Rejections - 35 USC §112 

3. The following is a quotation of the second paragraph of 35 U.S.C. 1 1 2: 

The specification shall conclude with one or more claims particularly pointing out and distinctly 
claiming the subject matter which the applicant regards as his invention. 

4. Claims 1-7and 16-20 are rejected under 35 U.S.C. 112, second paragraph, as 
being indefinite for failing to particularly point out and distinctly claim the subject matter 
which applicant regards as the invention. 

With regard to claim 1 , "on a home network" does not clearly define the metes 
and bounds, and the scope, of the limitation because the "connections" are not 
necessary direct and the terms "located" is not necessary "coupled to" or "connected 
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to". The interchanges of these terms add to the confusion. E.g. "said mobile node is 
connected to a foreign network" can be read "said mobile node [located on the home 
network] is connected to a foreign network" when in a soft handoff situation, the mobile 
node moves toward the foreign network and has simultaneous communication between 
the home and foreign networks. Or "a home network having a security gateway and a 
home agent" precludes the security gateway linked to the home agent, although the 
claim later clarifies "said security gateway ... is connected to said home agent". See 
also omitting essential structural cooperative relationships rejection below. 

Claim 1 is also rejected under omitting essential structural cooperative 
relationships of elements, and claims 2-7 are rejected because the claims depend from 
rejected claim 1 . 

Claim 16 is rejected under insufficient antecedent basis. 

Claims 17-20 are rejected because the claims depend from rejected claim 16. 

5. There is insufficient antecedent basis for this limitation in the claim. 

Claim 16, line 8, "the home agent on the home network". The home agent is on 
the virtual private network in line 5. 

Claim 16, line 9, "the correspondence node connected to said foreign network". 

6. Claims 1-7 are rejected under 35 U.S.C. 112, second paragraph, as being 
incomplete for omitting essential structural cooperative relationships of elements, such 
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omission amounting to a gap between tlie necessary structural connections. See 
MPEP § 2172.01 . Tine omitted structural cooperative relationships are: 

With regard to claim 1 , it is unclear whether the foreign network is connected to 
the home network. The claim recites "a virtual private network on a home network", 
"said mobile node is connected to a foreign network", "said security gateway ... is 
connected to said home agent", and "a correspondence node located on the virtual 
private network on the home network and coupled to said home agent ...." The claim 
does not recite whether the foreign network is connected to the home network. 

Claims 2-7 are rejected because the claims depend from rejected claim 1 . 

Claim Rejections - 35 USC § 102 

7. The following is a quotation of the appropriate paragraphs of 35 U.S.C. 1 02 that 
form the basis for the rejections under this section made in this Office action: 

A person shall be entitled to a patent unless - 

(a) the invention was known or used by others in this country, or patented or described in a printed 
publication in this or a foreign country, before the invention thereof by the applicant for a patent. 

8. Claims 1,3-7,16,18-20 are rejected under 35 U.S.C. 102(a) as being anticipated 
by Sjostrand et al. (NPL "Mobile IP and Virtual Private Networks Problem Statement"). 

With regard to claim 1, Sjostrand discloses 

a virtual private network (VPN Domain) on a home network (VPN Domain in 
Section 2.1 Simple flat network) having a security gateway (VPN GW agent or 
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FW/GW in Section 2.1 Simple flat network) and a home agent (Home Agent or HA 
in Section 2.1 Simple flat network), wherein said mobile node is connected to a 
foreign network (Foreign Network in Section 2.1 Simple flat network), and 
information packets are transmitted (See MIP tunnel between Foreign Network and 
VPN Domain; arrow between Foreign Network and VPN Domain in Fig. 1 
[Communication] With a foreign agent) to the mobile node (Mobile Node or MN in 
Section 2.1 Simple flat network) from the virtual private network (VPN Domain), and 
wherein said security gateway (VPN GW agent or FW/GW) on the virtual private 
network is connected to said home agent (Home Agent or HA), said security gateway 
having an inner tunnel address (IPsec in protocol stack for VPN Domain side in Fig. 
1 [Communication] With a foreign agent) for routing packets within the virtual private 
network on the home network (VPN Domain); and 

a correspondence node (CN in Section 2.1 Simple flat network) located on the 
virtual private network (VPN Domain) on the home network (VPN Domain) and coupled 
to said home agent on the virtual private network (connection between HA and CN in 
Section 2.1 Simple flat network), wherein an information packet transmitted from the 
correspondence node (CN) is encapsulated by the home agent on the home network 
(IP in protocol stack for VPN Domain side in Fig. 1 [Communication] With a 
foreign agent), said encapsulated information packet is transmitted to the security 
gateway using the inner tunnel address (IP) and said security gateway transmits the 
encapsulated information packet to the mobile node (See MIP tunnel between Foreign 
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Network and VPN Domain; arrow between Foreign Network and VPN Domain in 
Fig. 1 [Communication] With a foreign agent). 

With regard to claim 3, Sjostrand further discloses the security gateway further 
encapsulates the information packet (IPsec in protocol stack for VPN Domain side in 
Fig. 1 [Communication] With a foreign agent). 

With regard to claim 4, Sjostrand further discloses the communication system 
does not use an external home agent for forwarding the information packet to the 
mobile node (there is only one home agent in Section 2.1 Simple flat network). 

With regard to claim 5, Sjostrand further discloses the information packet 
includes an address for the security gateway (MIP). 

With regard to claim 6, Sjostrand further discloses the information packet 
includes a virtual private network inner tunnel address (IPsec). 

With regard to claim 7, Sjostrand further discloses the security gateway transmits 
the information packet to the home agent to forward outside the virtual private network 
to the mobile node (See MIP tunnel between Foreign Network and VPN Domain; 
arrow between Foreign Network and VPN Domain in Fig. 1 [Communication] With 
a foreign agent). 
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With regard to claim 16, Sjostrand discloses 

providing a virtual private network (VPN Domain) on a home network (VPN 
Domain in Section 2.1 Simple flat network) with a home agent (Home Agent or HA 
in Section 2.1 Simple flat network) on said virtual private network (VPN Domain), 
said virtual private network (VPN Domain) being associated with a mobile node (Mobile 
Node or MN in Section 2.1 Simple flat network) connected to a foreign network 
(Foreign Network in Section 2.1 Simple flat network); 

providing a security gateway (VPN GW agent or FW/GW in Section 2.1 Simple 
flat network) located on the virtual private network (VPN Domain) and connected to 
the home agent (Home Agent or HA), said security gateway (VPN GW agent or 
FW/GW) being designated with a gateway address (public address of the 
corresponding HA, Section 2.2 Networks and internal routing) for routing 
information packets to the virtual private network and having an inner tunnel address (IP 
in protocol stack for VPN Domain side in Fig. 1 [Communication] With a foreign 
agent) for routing information packets within the virtual private network; 

forming an information packet associated with a correspondence node (CN in 
Section 2.1 Simple flat network) on the virtual private network for transmission to the 
mobile node; 

transmitting the information packet to the security gateway using said inner 
tunnel address (IP in protocol stack for VPN Domain side in Fig. 1 
[Communication] With a foreign agent); 
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encapsulating tine information pacl<et at the security gateway (MIP and IPsec in 
protocol stack for VPN Domain side in Fig. 1 [Communication] With a foreign 
agent); and 

forwarding the information pacl<et to the mobile node without using an external 
home agent (there is only one home agent in Section 2.1 Simple flat network). 

With regard to claim 18, Sjostrand further discloses encapsulates the information 
packet at the home agent with the inner tunnel address to allow the correspondence 
node on the virtual private network to route packets to the security gateway (IP in 
protocol stack for VPN Domain side in Fig. 1 [Communication] With a foreign 
agent). 

With regard to claim 19, Sjostrand further discloses transmitting the information 
packet out of the virtual private network from the home agent (See MIP tunnel between 
Foreign Network and VPN Domain; arrow between Foreign Network and VPN 
Domain in Fig. 1 [Communication] With a foreign agent). 

With regard to claim 20, Sjostrand further discloses transmitting the information 
packet out of the virtual private network from the security gateway (See MIP tunnel 
between Foreign Network and VPN Domain; arrow between Foreign Network and 
VPN Domain in Fig. 1 [Communication] With a foreign agent). 
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Claim Rejections - 35 USC § 103 

9. The following is a quotation of 35 U.S.C. 1 03(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 102 of this title, if the differences between the subject matter sought to be patented and 
the phor art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary sl^ill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 

10. Claims 2 and 17 are rejected under 35 U.S.C. 103(a) as being unpatentable 
over Sjostrand. 

With regard to claims 2 and 17, Sjostrand discloses the packet-based wireless 
communication system of claim 1 and the method for packet-based communication of 
claim 16. 

The concept of encryption as it relates to a gateway is well-known as evidenced 
by a gateway's capability to also decrypt ("VPN Gateway decapsulates and decrypts 
and also perform firewalling", Section 2.1 Simple flat network). 

At the time of the invention, it would have been obvious to a person of ordinary 
skill In the art to combine encryption, with the gateway in Sjostrand, In order to provide 
for the capability of encryption and decryption to enhance security. 

1 1 . Claims 8-15 are rejected under 35 U.S.C. 103(a) as being unpatentable over 
Sjostrand in view of Adrangi et al. (NPL "Problem Statement for Mobile IPv4 Traversal 
Across VPN Gateway"). 
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With regard to claim 8, Sjostrand discloses 

a foreign network (Foreign Network in Section 2.1 Simple flat network) 
coupled to a mobile node (Mobile Node or MN in Section 2.1 Simple flat network) 
associated with a virtual private network (VPN Domain) on a home network (VPN 
Domain in Section 2.1 Simple flat network) and having a public home address 
(public address of the corresponding HA, Section 2.2 Networks and internal 
routing) and a home agent (Home Agent or HA in Section 2.1 Simple flat network) 
on the virtual private network (VPN Domain); 

a virtual private network gateway (VPN GW agent or FW/GW in Section 2.1 
Simple flat network) receiving information packets entering and leaving the virtual 
private network (VPN Domain), with a virtual private network tunnel inner address (IP) 
(IP in protocol stack for VPN Domain side in Fig. 1 [Communication] With a 
foreign agent) used for routing packets to the virtual private network gateway (VPN 
GW agent or FW/GW) transmitted from nodes (CN in Section 2.1 Simple flat 
network) within the virtual private network (VPN Domain) on the home network (VPN 
Domain) and a virtual private network gateway address (MlP/IPsec in protocol stack 
for VPN Domain side in Fig. 1 [Communication] With a foreign agent) used for 
routing packets to the virtual private network gateway (VPN GW agent or FW/GW) 
transmitted from at least one mobile node (Mobile Node or MN) located outside the 
virtual private network on said foreign network (Foreign Network in Section 2.1 
Simple flat network); and 
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the virtual private network tunnel Inner address (IP) and virtual private network 
gateway address (IPsec) being sufficient for tunneling Information packets to and within 
said virtual private network (See MIP tunnel between Foreign Network and VPN 
Domain; arrow between Foreign Network and VPN Domain in Fig. 1 
[Communication] With a foreign agent). 

Sjostrand discloses a mobile node located on the foreign network and further discloses 
a co-located care-of-address ("the mobile node uses co-located care-of-address", 
Section 2.1, Simple flat network). However, Sjostrand fails to explicitly show the 
mobile node location on the foreign network Is designated by a care-of address. 

In the analogous art of mobile IP, AdrangI discloses the mobile node location on 
the foreign network Is designated by a care-of address (CoA) ("In co-locate [with FA] 
mode, the MN obtains a CoA at its point of attachment Section 6.1 MIPv4 
Incompatibilities with VPN Gateway). 

At the time of the Invention, It would have been obvious to a person of ordinary 
skill In the art to combine "the mobile node location on the foreign network Is designated 
by a care-of address" as taught by AdrangI, with the co-located care-of-address in 
Sjostrand, in order to provide for a point of attachment for a mobile node outside of 
home network in a foreign network. AdrangI, Section 6.1 MIPv4 Incompatibilities with 
VPN Gateway. 
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With regard to claim 9, the combination of Sjostrand and Adrangi discloses the 
wireless communication system of claim 8. Sjostrand further discloses the information 
packet is forwarded outside the virtual private network from the virtual private network 
gateway for the mobile node (See MIP tunnel between Foreign Network and VPN 
Domain; arrow between Foreign Network and VPN Domain in Fig. 1 
[Communication] With a foreign agent). Adrangi further discloses care-of-address 
for the mobile node in a foreign network ("In co-locate [with FA] mode, the MN 
obtains a CoA at its point of attachment Section 6.1 MIPv4 Incompatibilities 
with VPN Gateway). 

The concept of using the care-of-address to reach a mobile node in a foreign 
network is well-known as evidenced by co-location as taught in Sjostrand and Adrangi. 

At the time of the invention, it would have been obvious to a person of ordinary 
skill in the art to combine "using the care- of-address to reach a mobile node in a foreign 
network", with the wireless communication system as taught by Sjostrand and Adrangi, 
to provide for a point of attachment to reach the mobile node. Adrangi, Section 6.1 
MIPv4 Incompatibilities with VPN Gateway. 

With regard to claim 10, the combination of Sjostrand and Adrangi discloses the 
wireless communication system of claim 8. Sjostrand further discloses the information 
packet is forwarded outside the virtual private network from the home agent for the 
mobile node (See MIP tunnel between Foreign Network and VPN Domain; arrow 
between Foreign Network and VPN Domain in Fig. 1 [Communication] With a 
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foreign agent). Adrangi further discloses care-of-address for the mobile node in a 
foreign network ("In co-locate [with FA] mode, the MN obtains a CoA at its point of 
attachment Section 6.1 MIPv4 Incompatibilities with VPN Gateway). 

The concept of using the care-of-address to reach a mobile node in a foreign 
network is well-known as evidenced by co-location as taught in Sjostrand and Adrangi. 

At the time of the invention, it would have been obvious to a person of ordinary 
skill in the art to combine "using the care- of-address to reach a mobile node in a foreign 
network", with the wireless communication system as taught by Sjostrand and Adrangi, 
to provide for a point of attachment to reach the mobile node. Adrangi, Section 6.1 
MIPv4 Incompatibilities with VPN Gateway. 

With regard to claim 1 1 , the combination of Sjostrand and Adrangi discloses the 
wireless communication system of claim 8. 

The combination fails to explicitly show the virtual private network gateway 
encrypts the information packet prior to transmitting the information packet from the 
virtual private network to the mobile node. 

The concept of encryption as it relates to a gateway is well-known as evidenced 
by a gateway's capability to also decrypt as taught in Sjostrand ("VPN Gateway 
decapsulates and decrypts and also perform firewalling", Section 2.1 Simple flat 
network). 
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At the time of the invention, it would have been obvious to a person of ordinary 
skill in the art to combine encryption, with the gateway in Sjostrand, in order to provide 
for the capability of encryption and decryption to enhance security. 

With regard to claim 12, Sjostrand further discloses the home agent appends the 
virtual private network tunnel inner address (IP) to the information packet to route the 
information packet to the virtual private network (IP In protocol stack for VPN Domain 
side in Fig. 1 [Communication] With a foreign agent). 

With regard to claim 13, the combination of Sjostrand and Adrangi discloses the 
wireless communication system of claim 8. 

Adrangi further discloses appending the care-of-address to the information 
packet prior to transmitting the information packet from the virtual private network to the 
mobile node (Fig. 6.1b shows IPsec tunnel enpoints, MN-CoA and the VPN 
External IP address). 

At the time of the invention, it would have been obvious to a person of ordinary 
skill in the art to combine "appending the care-of-address to the information packet prior 
to transmitting the information packet from the virtual private network to the mobile 
node" as taught in Adrangi, with the IPsec tunnel between the foreign and home 
networks in Sjostrand, in order to provide for transmission to a mobile node residing in a 
foreign network. Adrangi, Fig. 6.1b. 
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With regard to claim 14, the combination of Sjostrand and Adrangi discloses the 
wireless communication system of claim 8. 

Adrangi further discloses appending the care-of-address to the information 
packet prior to transmitting the information packet from the virtual private network to the 
mobile node (Fig. 6.1b shows IPsec tunnel enpoints, MN-CoA and the VPN 
External IP address). 

At the time of the invention, it would have been obvious to a person of ordinary 
skill in the art to combine "appending the care-of-address to the information packet prior 
to transmitting the information packet from the virtual private network to the mobile 
node" as taught in Adrangi, with the IPsec tunnel between the foreign and home 
networks in Sjostrand, in order to provide for transmission to a mobile node residing in a 
foreign network. Adrangi, Fig. 6.1b. 

With regard to claim 15, the combination of Sjostrand and Adrangi discloses the 
wireless communication system of claim 8. 

Adrangi further discloses appending the virtual private network gateway address 
to the information packet for routing the information packet to the virtual private network 
gateway (Fig. 6.1b shows IPsec tunnel enpoints, MN-CoA and the VPN External IP 
address). 

At the time of the invention, it would have been obvious to a person of ordinary 
skill in the art to combine "appending the virtual private network gateway address to the 
information packet for routing the information packet to the virtual private network 



Application/Control Number: 10/712,879 Page 16 

Art Unit: 2476 

gateway" as taught in Adrangi, with the IPsec tunnel between the foreign and home 
networks in Sjostrand, in order to provide for transmission between the mobile node the 
VPN of the home network. Adrangi, Fig. 6.1b. 



Conclusion 

12. Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to BLANCHE WONG whose telephone number is 
(571)272-3177. The examiner can normally be reached on Monday through Friday, 
830am to 530pm. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Ayaz Sheikh can be reached on 571-272-3795. The fax phone number for 
the organization where this application or proceeding is assigned is 571-273-8300. 

Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a 
USPTO Customer Service Representative or access to the automated information 
system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. 



/Blanche Wong/ 
Examiner, Art Unit 2476 
November 5, 2009 



